Immutable OS
I am a long-time user of the Linux distribution Fedora. In recent months, I switched to Pop!_OS as my primary Linux distribiton, however, I still keep a close eye on the Fedora Project, specifically their work on immutable operating systems.
The definition of the word immutable is “unchanging over time or unable to be changed.”
In computing, “immutable” is most commonly associated with Blockchain, specifically the decentralised ledger that uses cryptographic hashes to protect the data from alteration.
An immutable operating system aims to achieve a similar goal by making the root directory (first or top-most directory in a hierarchy) read-only, ensuring it cannot be modified.
The purpose is to ensure the host operating system is protected from accidental or malicious modifications, which improves security, stability and performance by guaranteeing the integrity of the core system.
Every application, tool and/or package installed on an immutable operating system executes code isolated from the root directory, providing clear segregation, as well as a highly effective rollback (restoration) capability.
Fedora Silverblue and Fedora Kinoite are great examples of an immutable operating system.
The primary difference between Silverblue and Kinoite is the Desktop Environment, as Silverblue ships with GNOME and Kinoite ships with KDE Plasma.
As a GNOME user, I have the most experience with Fedora Silverblue. The image below highlights my ARM64 installation running on my MacBook Pro M1 Max.
Fedora Silverblue and Fedora Kinoite leverage three core technologies to initialise and maintain the immutable operating system, as well as support application/tool/package management.
OSTree
rpm-ostree is a hybrid image/package system. It combines libostree (AKA OSTree) as a base image format, and accepts RPM on both the client and server-side, sharing code with the dnf project.
OSTree is a system for versioning updates of Linux. It includes a shared library and suite of command-line tools that combines a “git-like” model for committing and downloading bootable filesystem trees, along with a layer for deploying them and managing the bootloader configuration.
OSTree operates in userspace (code that runs outside of the operating system kernel) and supports any Linux file system.
In short, OSTree is used to initialise and maintain the immutable operating system, facilitating system updates, rollbacks, etc.
Flatpak
Flatpak is a universal packaging system for Linux as well as a utility for software development and distribution.
Flatpak aims to deliver an isolated sandbox environment that includes the runtime and bundled libraries to support the execution of the application/tool/package.
This isolated sandbox environment cannot make any changes to the system without explicit permission from the host.
Flatpak provides a mechanism to install/manage an application/tool/package (including GUI applications) on an immutable operating system, without impacting the integrity of the root directory.
FlatHub is a useful resource that maintains a list of available Flatpack compatible applications/tools/packages.
Podman
Podman is a daemonless container engine for developing, managing, and running OCI Containers on Linux.
Critically, Podman containers can be executed in rootless mode, which reinforces the security model defined as part of an immutable operating system.
As a result, podman is considered more secure than Docker as it does not require root access, making it a great choice for running headless/web applications, tools and packages.
Conclusion
In conclusion, an immutable operating system like Fedora Silverblue and Fedora Kionite provide an exciting glimpse into a future where security, reliability and performance are proactively enforced instead of reactively maintained.
This subtle shift in thinking could have a profound impact on how operating systems are built and supported, whilst also ensuring the “out of the box” user experience is protected, avoiding the inevitable “system rot”.
A great example is the upcoming Steam Deck from Valve, which will ship with a new version of SteamOS (based on Arch Linux) that will be an immutable operating system. This makes sense for an “appliance-like” device that is targeting consumers, where guaranteed core software consistency will help simplify support.
In conclusion, with Linux already making progress towards an immutable future and mounting evidence that Apple is doing the same with macOS, I am intrigued to see how this story evolves.